Maxime Besson
ed3e274ab1
Fix force password reset in Combination ( #1984 )
2019-10-24 08:58:04 +02:00
Maxime Besson
4afecb4620
Remove IDP cookie ( #1941 )
2019-10-17 23:09:03 +02:00
Christophe Maudoux
3c2ecfd04a
Tidy ( #1956 )
2019-10-13 22:47:57 +02:00
Christophe Maudoux
f188426f8b
Fix custom function parameter ( #1956 )
2019-10-13 22:29:12 +02:00
Christophe Maudoux
0ca649f106
Use custom decrypt functions ( #1956 )
2019-10-13 15:08:32 +02:00
Maxime Besson
2b4defb2a9
Prevent portal from crashing when keepPdata=1 ( #1893 )
...
Since the changes introduced to fix #1893 , keepPdata is expected to
contain an array of values.
When migrating from previous LLNG versions, cookies may contain
keepPdata=1, which crashes the server because 1 isn't an arrayref
This change makes LLNG consider that keepPdata=1 is not a valid value,
and replaces it with an empty arrayref when starting the login or logout
flow.
2019-10-09 17:35:48 +02:00
Maxime Besson
ff9bb46301
Make notification system take pdata url into account ( #1893 )
2019-10-08 22:40:10 +02:00
Maxime Besson
2bce713f65
Set issuer urldc in pdata ( #1893 )
2019-10-08 22:40:10 +02:00
Maxime Besson
3ee708d8ff
Delay cookie restore after hooks ( #1965 )
2019-10-07 17:26:40 +02:00
Maxime Besson
474bb48aa1
Make Password::LDAP/AD check connection before use ( #1909 )
...
Also remove a mostly redundant wrapper method in Auth::LDAP
2019-10-01 19:17:31 +02:00
Maxime Besson
fa49e77495
Better logs in case of a LDAP error
2019-10-01 15:14:51 +02:00
Clément OUDOT
a239091553
Load String::Random ( #1963 )
2019-10-01 14:49:41 +02:00
Christophe Maudoux
138cfe6edb
Append DecryptValue plugin ( #1956 )
2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c
Revert "Make manifest"
...
This reverts commit c00110ed01
.
2019-09-30 22:28:55 +02:00
Christophe Maudoux
35de9fd3e8
Re-order
2019-09-30 22:27:03 +02:00
Christophe Maudoux
c00110ed01
Make manifest
2019-09-30 22:26:55 +02:00
Christophe Maudoux
b3791cc65b
Typo
2019-09-30 19:10:05 +02:00
Christophe Maudoux
b505d3a475
Typo
2019-09-30 19:10:05 +02:00
Maxime Besson
e9153957da
IDP selection phrasing
2019-09-30 18:55:09 +02:00
Maxime Besson
e693e5e649
Fix IDP selection rules ( #1961 )
2019-09-30 18:54:02 +02:00
Xavier
461cd51e45
Try to fix #1785 without breaking pdata
2019-09-29 23:04:17 +02:00
Christophe Maudoux
6df7412bcf
Fix log with Impersonation plugin ( #1664 )
2019-09-26 20:24:12 +02:00
Maxime Besson
5d5ac66a6e
Add Date: field to emails ( #1953 )
...
This adds a dependancy to Email::Date::Format, but it's already a
dependancy of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
2019-09-26 12:32:58 +02:00
Christophe Maudoux
5d9fc02205
Typo & logger
2019-09-20 22:47:48 +02:00
Christophe Maudoux
c34c6e646e
Append search parameters & improve unit test ( #1938 )
2019-09-19 22:51:10 +02:00
Clément OUDOT
dc0a8f7848
Add some log when user is authorized to access to service ( #1702 )
2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db
Improve log for CAS Issuer ( #1702 )
2019-09-19 16:18:51 +02:00
Clément OUDOT
e446e09a7f
Improve log ( #1702 )
2019-09-19 16:07:10 +02:00
Christophe Maudoux
84778604fd
Typo
2019-09-18 21:01:24 +02:00
Christophe Maudoux
2095fdf316
Improve log ( #1702 )
2019-09-18 19:59:35 +02:00
Christophe Maudoux
92c8e6791f
Typo ( #1702 )
2019-09-18 19:49:22 +02:00
Clément OUDOT
5512d38f81
Improve log on 2F unregistration ( #1702 )
2019-09-18 18:09:18 +02:00
Clément OUDOT
ce6f6c3977
Get login to use it in password force change form ( #1910 )
2019-09-18 15:55:13 +02:00
Maxime Besson
98f55fd384
Translate the error code displayed in debug logs
2019-09-17 20:17:57 +02:00
Christophe Maudoux
146aca7c82
Remove trailing whitespaces
2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602
Avoid warning
2019-09-16 17:22:35 +02:00
Maxime Besson
c94e2534a9
Send CORS headers when doing JSON responses too ( #1765 )
2019-09-16 16:55:15 +02:00
Maxime Besson
e281ad7cc3
Add support for CORS preflight ( #1765 )
2019-09-16 16:55:15 +02:00
Christophe Maudoux
9c01c46fea
Typo ( #1932 )
2019-09-14 23:37:50 +02:00
Christophe Maudoux
dd66f37739
Return httpSession id if exists ( #1932 )
2019-09-14 22:47:11 +02:00
Christophe Maudoux
5615d5b2a3
Append display Slave logo option ( #1936 )
2019-09-14 22:07:44 +02:00
Christophe Maudoux
ce4cdcee85
Don t display Slave module
2019-09-13 22:37:35 +02:00
Christophe Maudoux
9784e75ead
Check Slave credential headers ( #1935 )
2019-09-13 22:21:09 +02:00
Clément OUDOT
5c7905e342
Improve regexp ( #1891 )
2019-09-13 15:35:05 +02:00
Clément OUDOT
36a1f07786
Remove cancel parameter in CAS service value ( #1891 )
2019-09-13 15:17:51 +02:00
Xavier
e50e7d09d1
Update version of (really) modified files
2019-09-12 21:56:49 +02:00
Clément OUDOT
70d2856d71
Option to display password generation box ( #1928 )
2019-09-12 18:26:56 +02:00
Clément OUDOT
c75a74da5a
Display password form if password is refused ( #1930 )
2019-09-12 17:54:43 +02:00
Christophe Maudoux
4287c39f5b
typo
2019-09-11 16:20:28 +02:00
Christophe Maudoux
bb0b5814f7
Fix empty groups ( #1791 )
2019-09-11 16:18:35 +02:00
Christophe Maudoux
c1af9e49f7
WIP - Append extractFormInfo step & AuthChoiceParam for AuthChoice ( #1925 )
2019-09-09 23:23:52 +02:00
Christophe Maudoux
132f42d44c
Forbid browsers to store users password & Improve unit tests ( #1913 )
2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4
increase clock tolerance during rest secret check ( #1923 )
2019-09-06 17:45:51 +02:00
Maxime Besson
00e91f374b
Add specific error code when missing a required SAML attr ( #1919 )
...
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
2019-09-06 11:04:39 +02:00
Clément OUDOT
e54355ff9f
Use conf as HASH key ( #1619 )
2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd
Check error message from ITDS ( #1619 )
2019-09-05 17:14:44 +02:00
Clément OUDOT
17123d6196
Avoid plugin conflicts ( #993 )
2019-09-05 13:30:49 +02:00
Clément OUDOT
068ffbe604
Define portalDisplayPasswordPolicy parameter in Manager ( #993 )
2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f
Display password policy in password change form ( #993 )
2019-09-05 12:46:32 +02:00
Clément OUDOT
2f2f62ae1c
Check password quality in mail reset plugin ( #993 )
2019-09-05 12:02:51 +02:00
Clément OUDOT
3700a1b54c
Fix logger in Kerberos Auth init
2019-09-04 15:42:33 +02:00
Christophe Maudoux
3e9a424090
Update version ( #1916 )
2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724
Append issuersTimeout option ( #1916 )
2019-09-03 22:52:07 +02:00
Clément OUDOT
a2d3ae1d03
Local password policy: minimal digits ( #993 )
2019-09-03 19:08:19 +02:00
Clément OUDOT
28309dca9b
Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0
2019-09-03 19:07:22 +02:00
Clément OUDOT
b52bbdb838
Local password policy: minimal upper characters ( #993 )
2019-09-03 18:45:35 +02:00
Maxime Besson
ff3d4e218c
doc: suggest a better fix for #1864
...
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
2019-09-03 18:13:13 +02:00
Clément OUDOT
ef3d6a26c4
Local password policy: minimal lower characters ( #993 )
2019-09-03 16:10:04 +02:00
Clément OUDOT
8998eb183e
Local password policy: minimal size ( #993 )
2019-09-03 14:30:22 +02:00
Clément OUDOT
82a06fce91
Pass skin parameter in 2F flows ( #1915 )
2019-09-03 11:56:48 +02:00
Clément OUDOT
fca831411b
Fix call to logger in REST authentication backend
2019-08-30 09:46:25 +02:00
Clément OUDOT
177f446f25
Display main logo in redirect page ( #1906 )
2019-08-29 19:29:27 +02:00
Maxime Besson
d61935ab6e
Implement introspection endpoint for access tokens ( #1843 )
2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5
Refactor endpoint auth
2019-08-29 18:57:26 +02:00
Xavier Guimard
ae6e69667a
Fix warning
2019-08-29 10:49:01 +02:00
Xavier Guimard
9379188000
Fix ^ ( #1903 )
2019-08-28 19:28:20 +02:00
Xavier Guimard
df4e7e7522
Generic fix for issues like #1903
2019-08-28 19:12:29 +02:00
Clément OUDOT
2145483be7
Pass extra args in Combination module ( #1903 )
2019-08-28 18:22:19 +02:00
Xavier Guimard
1660109e2f
Security: use 3-form for open
2019-08-28 11:32:54 +02:00
Xavier
1f2f0240f0
Love Perl ( #1863 )
...
TIMTOWTDI
2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94
Disable template cache to avoid translation issues in mail ( #1897 )
2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777
Make regular template variables available in mails
...
SKIN, PORTAL_URL, env_*, session_* are now available in email templates
Preliminary work for #1861
2019-08-27 23:13:36 +02:00
Xavier Guimard
48883dbe4e
More tests
2019-08-27 10:32:26 +02:00
Xavier Guimard
323d92fa1b
Don't load Data::Dumper unless debug
2019-08-27 10:10:11 +02:00
Clément OUDOT
796d1b12e6
Add _session_kind to default exported attributes ( #1896 )
2019-08-26 17:38:08 +02:00
Christophe Maudoux
ec59cc164c
Catch error earlier in process ( #1867 )
2019-08-24 23:26:42 +02:00
Xavier Guimard
0415370f2c
More REST debug
2019-08-22 15:17:51 +02:00
Clément OUDOT
e42e71b5e3
Use LinkedIn v2 API ( #1890 )
2019-08-22 14:51:24 +02:00
Christophe Maudoux
894b8be541
By pass first access ( #1867 )
2019-08-21 23:40:23 +02:00
Maxime Besson
661a007b4a
Check OIDC access token expiration ( #1879 )
2019-08-21 12:18:55 +02:00
Christophe Maudoux
b694b16a19
Avoid warning with Choice
2019-08-20 17:08:37 +02:00
Christophe Maudoux
8e9f4e513e
Improve combination with FaceBook & LinkedIn
2019-08-17 17:27:14 +02:00
Christophe Maudoux
5985e6d258
Fix REST service ( #1870 )
2019-08-17 17:11:28 +02:00
Xavier
097183f2b3
Fix warning
2019-08-16 09:10:10 +02:00
Christophe Maudoux
78a82dbee9
Override OTT conf. for Upgrade tokens ( #1884 )
2019-08-15 22:01:44 +02:00
Maxime Besson
2e9f57ab6f
Better default behavior for oidcServiceMetaDataIssuer ( #1882 )
2019-08-13 18:09:59 +02:00
Christophe Maudoux
7502e424e3
Revert "Concatenate pdata and lemon cookies in the same set-cookie header ( #1863 )"
...
This reverts commit c3a01c042c
2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c
Concatenate pdata and lemon cookies in the same set-cookie header ( #1863 )
2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec
Fix log level & improve e2e ini file ( #1878 )
2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8
Update manifest
2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8
Force remove pdata cookie to avoid loop ( #1878 )
2019-08-12 21:29:08 +02:00
Christophe Maudoux
09158f0084
Return whatToTrace instead of uid & Fix + Append unit test ( #1664 )
2019-08-10 12:38:25 +02:00
Christophe Maudoux
52fa94bd55
Sort functions & append comments
2019-08-10 11:13:56 +02:00
Christophe Maudoux
bee0e675f3
Revert "Fix langs directory ( #1870 )"
...
This reverts commit b453647b26
.
2019-08-09 22:46:43 +02:00
Christophe Maudoux
b453647b26
Fix langs directory ( #1870 )
2019-08-09 22:11:05 +02:00
Maxime Besson
daa03a9a9c
OIDC: tie client_id to authorization code ( #1881 )
2019-08-09 13:54:53 +02:00
Christophe Maudoux
9dac92064c
Better fix & update unit tests ( #1861 )
2019-08-07 22:29:12 +02:00
Maxime Besson
9b24fd02e5
Log more detailed information about Kerberos failures
2019-08-07 19:35:35 +02:00
Christophe Maudoux
ce05b44172
Remove useless constants ( #1867 )
2019-08-06 22:42:17 +02:00
Christophe Maudoux
7aad470586
Delete pdata cookie after XML notif validation & Improve unit test ( #1861 )
2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064
Delete pdata cookie after notif validation & Improve unit test ( #1861 )
2019-08-06 22:25:09 +02:00
Xavier
ea713a3169
Avoid conflict in $req->data between DBI and LDAP
...
Closes : #1875
2019-08-06 21:54:41 +02:00
Christophe Maudoux
742e7417d4
Better fix ( #1867 )
2019-08-06 21:04:52 +02:00
Maxime Besson
8de0a89029
Give more customization options for 2F prompt messages
...
new translations labels for mail and rest, and we now pass the 2F prefix
to templates. It's not used in the default skin, but it should help in
cases where extra second factors are used to offer the user a more
helpful prompt message
2019-08-05 20:08:28 +02:00
Christophe Maudoux
bf20db03b9
Improve unit test & fix ( #1867 )
2019-08-04 22:39:14 +02:00
Christophe Maudoux
c1736f7f82
Catch error if setSecurity is undefined ( #1874 )
2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b
Improve fix & unit test ( #1874 )
2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151
Fix & Improve unit test ( #1874 )
2019-08-03 22:48:07 +02:00
Christophe Maudoux
058ef90662
Append dependency
2019-08-03 11:05:12 +02:00
Christophe Maudoux
6ad07f9c4d
Fix debug log
2019-08-03 11:04:58 +02:00
Christophe Maudoux
dcd0c53fde
Fix warning message
2019-08-02 22:58:36 +02:00
Christophe Maudoux
46208d74fe
Improve unit test ( #1870 )
2019-08-02 21:58:08 +02:00
Maxime Besson
15c3b0bbf8
Add Radius second factor ( #1847 )
2019-08-02 18:03:10 +02:00
Maxime Besson
68c8be333a
Fix translation override in mails
2019-08-02 17:45:03 +02:00
Maxime Besson
c1afdbefac
Add labels and logos to all 2F providers ( #1873 )
2019-08-01 17:27:14 +02:00
Christophe Maudoux
216d683f22
Fix debug log ( #1870 )
2019-08-01 11:59:02 +02:00
Christophe Maudoux
188c7be337
perltidy
2019-07-31 23:38:48 +02:00
Christophe Maudoux
ee5a705d2f
Append REST API to retrieve error message ( #1870 )
2019-07-31 23:09:38 +02:00
Clément OUDOT
4ee49de4c2
Adapt grant_types_supported attribute ( #1846 )
2019-07-25 19:06:53 +02:00
Maxime Besson
c9dba5212e
HTML-decode entityID from metadata ( #1864 )
2019-07-25 18:29:46 +02:00
Christophe Maudoux
3d6a7bd843
Sort notifications: JSON format ( #1862 )
2019-07-25 12:42:58 +02:00
Christophe Maudoux
bf5fe2246d
Send specified parameters ( #1851 )
2019-07-25 12:00:37 +02:00
Christophe Maudoux
3082168617
Append HTTP method options ( #1851 )
2019-07-25 10:49:49 +02:00
Christophe Maudoux
11f2d0f34a
Improve notifications REST API & unit test ( #1851 )
2019-07-23 15:54:53 +02:00
Maxime Besson
d82f776df8
Allow multi instanciation of 2F modules ( #1860 )
...
This commit adds a manager interface to declare multiple instances of a
single 2F module, in a manner similar to Combination.
An additional portal code reads the `sfExtra` variable to load the
declared modules.
An empty rules means the module will be always active.
2019-07-22 19:30:37 +02:00
Christophe Maudoux
fb7a222c9d
Append notifications REST API ( #1851 )
2019-07-22 15:39:59 +02:00
Christophe Maudoux
81aa2fb37b
Improve test-lib & unit test ( #1851 )
2019-07-21 23:23:20 +02:00
Christophe Maudoux
3972861ba4
WIP - Improve unit test & need to fix list notifications feature!!! ( #1851 )
2019-07-21 22:47:48 +02:00
Clément OUDOT
f15e8bd108
Possibility to list notifications ( #1851 )
2019-07-21 20:47:16 +02:00
Christophe Maudoux
ca7ebe09f7
WIP - REST service to remove notification ( #1851 )
2019-07-20 22:25:03 +02:00
Christophe Maudoux
21c1d83df3
Typo
2019-07-20 13:28:48 +02:00
Christophe Maudoux
4eecd90230
Typo ( #1857 )
2019-07-17 12:20:30 +02:00
Christophe Maudoux
b99b76e2d6
Improve code ( #1857 )
2019-07-17 12:18:15 +02:00
Christophe Maudoux
d8b3eb2a34
Remove cipher cookie if notification refused ( #1857 )
2019-07-16 13:51:01 +02:00
Clément OUDOT
e12cb3a905
Fix loop on notifications ( #1856 )
2019-07-15 10:55:33 +02:00
Xavier
64c587417b
Improvement
2019-07-12 19:09:55 +02:00
Clément OUDOT
c024ed0fe6
Improve logging when a notification is added by REST ( #1853 )
2019-07-12 18:34:55 +02:00
Xavier Guimard
3c6a301785
Keep original PATH_INFO during notification process ( Fixes : #1852 )
2019-07-12 10:33:36 +02:00
Clément OUDOT
c76dc52436
Adapt response_types_supported attribute in OpenID Connect metadata depending on configured flows ( #1846 )
2019-07-08 15:38:57 +02:00
Clément OUDOT
9b98893c44
Manage claims in ID token if no access token requested ( #1846 )
2019-07-08 15:15:13 +02:00
Christophe Maudoux
240617d8d8
Fix unit tests
2019-07-06 23:27:45 +02:00
Christophe Maudoux
d0da10b375
Improve code ( #1664 )
2019-07-06 23:00:35 +02:00
Christophe Maudoux
619ea8258f
Improve unit test & fix warning - Expired sessions ( #1783 )
2019-07-06 23:00:24 +02:00
Christophe Maudoux
2d6c46920e
Fix & improve unit test ( #1844 )
2019-07-05 22:53:48 +02:00
Xavier
88f75c42ed
Set pdata domain also when removing cookie ( #1829 )
2019-07-05 06:43:11 +02:00
Christophe Maudoux
6a579644f8
Fix warning ( #1842 )
2019-07-04 23:20:11 +02:00
Christophe Maudoux
f38a583967
Improve code
2019-07-04 22:50:46 +02:00
Christophe Maudoux
2016abd2ee
Send pdata cookie to cross domain ( #1829 )
2019-07-04 21:49:28 +02:00
Xavier
9cdfd4c9a6
Add notice when user is connected
2019-07-04 21:22:06 +02:00
Clément OUDOT
1ebbde9a50
Tidy code and add missing check on hash_level ( #1835 )
2019-07-04 09:49:01 +02:00
Xavier
a104db2f2d
Clean logs
2019-07-04 07:24:50 +02:00
Xavier
d4fedbdfcf
Duplicate log rules in Plugin manpage
2019-07-04 07:09:39 +02:00
Christophe Maudoux
6df12176de
Disable secondFactor ( #1783 )
2019-07-03 23:21:19 +02:00
Christophe Maudoux
2f541370a6
perltidy ( #1783 )
2019-07-03 23:12:15 +02:00
Christophe Maudoux
03f2d89d0c
ContextSwitching: Check (expiration) errors & Improve logs ( #1783 )
2019-07-03 23:08:50 +02:00
Christophe Maudoux
161d6cee0f
Fix unit test warning (Auth-and-issuer-OIDC-authorization_code-with-none-alg.t)
2019-07-03 22:17:22 +02:00
Maxime Besson
6f058fb2fa
Add manager manpages to deb
2019-07-03 15:17:16 +02:00
Xavier
78a4bb4987
ContextSwitching: Check (expiration) errors ( #1783 )
2019-07-03 06:47:33 +02:00
Christophe Maudoux
5a53fee2db
WIP - Improve log ( #1783 )
2019-07-03 00:09:14 +02:00
Christophe Maudoux
42bc5efdb3
Use skin rules in plugins ( #1828 )
2019-07-02 22:17:53 +02:00
Christophe Maudoux
9c62a04f22
Improve code ( #1783 )
2019-07-02 22:08:17 +02:00
Christophe Maudoux
12e0853b51
Improve log ( #1783 )
2019-07-02 21:33:32 +02:00
Xavier Guimard
c1137edba8
make tidy with perltidy-20181120
2019-07-02 20:03:40 +02:00
Clément OUDOT
e04a6f1983
Reject none algorithm when checking JWT signature ( #1835 )
2019-07-02 16:36:43 +02:00
Clément OUDOT
60c03010ce
Use Base64URL for JWT generation ( #1834 )
2019-07-01 17:29:35 +02:00
Christophe Maudoux
b94cbe0144
Fix default value ( #1825 )
2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c
Fix default value ( #1825 )
2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06
Merge branch '1783' into v2.0
2019-06-30 19:00:41 +02:00
Christophe Maudoux
bcbea7bee0
Update version ( #1825 )
2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432
Don t mix && with and ( #1825 )
2019-06-29 21:35:13 +02:00
Christophe Maudoux
11d2909b0a
WIP - Disable persistent sessions storage ( #1825 )
2019-06-29 21:10:16 +02:00
Christophe Maudoux
d97c36a97e
Disable spoofed sessions ( #1783 )
2019-06-28 23:53:43 +02:00
Christophe Maudoux
897d04ac93
Merge branch 'v2.0' into 1783
2019-06-28 22:05:48 +02:00
Clément OUDOT
b0a69d3473
Use skin rules in 2F plugins ( #1828 )
2019-06-28 15:56:57 +02:00
Xavier
c921c295ed
Use user skin in loadTemplate ( Fixes : #1828 )
2019-06-28 13:40:56 +02:00
Xavier Guimard
44a6e25851
Improve cryptographic functions ( #1823 )
2019-06-28 10:30:37 +02:00
Christophe Maudoux
bb39dca317
Append & update unit tests ( #1783 )
2019-06-27 21:54:14 +02:00
Christophe Maudoux
8ad895c3b8
Merge branch 'v2.0' into 1783
2019-06-27 21:11:56 +02:00
Xavier Guimard
264410409d
Move CAS service verification from main to Issuer::CAS ( #1795 )
2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195
Check service= parameter on CAS logout ( #1795 )
...
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.
In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.
If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
2019-06-27 12:40:40 +02:00
Maxime Besson
5f9c4c231d
Add authenticated routes to 2FA for session upgrade ( #1822 )
2019-06-26 23:33:00 +02:00
Xavier
3582cfb12b
Don't keep pdata on upgrade ( Fixes : #1821 )
2019-06-26 21:47:01 +02:00
Xavier Guimard
e15a41bc66
Fix typo: s/templatesDir/templateDir/g ( #1819 )
2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b
Disable external entities in XML parsers ( Fixes : #1818 )
2019-06-26 11:32:10 +02:00
Christophe Maudoux
f11c34e9cd
Cleaning code ( #1783 & #1658 )
2019-06-25 23:04:27 +02:00
Christophe Maudoux
f5587ac477
Improve code ( #1783 )
2019-06-25 22:01:20 +02:00
Christophe Maudoux
0b567d6c15
Merge branch 'v2.0' into 1783
2019-06-25 20:23:48 +02:00
Christophe Maudoux
b9af5d1adc
Use Id
2019-06-25 19:30:06 +02:00
Christophe Maudoux
7a97bc46c4
Improve code ( #1783 )
2019-06-25 19:28:05 +02:00
Xavier Guimard
93ccb9fd76
Set Content-Length in Apache::Session::REST requests ( #1813 )
2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c
Add searchOn() in Apache::Session::REST ( #1813 )
2019-06-25 09:18:58 +02:00
Christophe Maudoux
32cb9e3a8f
Delete session ( #1783 )
2019-06-24 23:52:39 +02:00
Christophe Maudoux
266f2fdf02
Merge branch 'v2.0' into 1783
2019-06-24 23:36:54 +02:00
Christophe Maudoux
786e136754
Create session with ContextSwitching plugin ( #1783 )
2019-06-24 23:36:23 +02:00
Christophe Maudoux
28fd7ea0b8
Change log level ( #1664 )
2019-06-24 23:35:33 +02:00
Xavier
c5d6bc42b6
Add get_key_from_all_sessions in Apache::Session::REST ( #1813 )
2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9
In REST, PE_LOGOUT_OK must return 200
2019-06-24 23:06:15 +02:00
Christophe Maudoux
5efa6c111a
Append log ( #1783 )
2019-06-23 22:56:05 +02:00
Christophe Maudoux
8d2367c6d7
Typo
2019-06-23 22:55:46 +02:00
Christophe Maudoux
e5f03f34d9
Append ContextSwitching plugin ( #1783 )
2019-06-23 22:19:40 +02:00
Christophe Maudoux
c24ff711a0
WIP - ContextSwitching ( #1783 )
2019-06-23 10:51:10 +02:00
Christophe Maudoux
bdc5007e43
Update sort condition ( #1658 )
2019-06-23 10:18:05 +02:00
Christophe Maudoux
dd94351f35
WIP - ContextSwitching ( #1783 )
2019-06-22 23:46:02 +02:00
Christophe Maudoux
8c47c913fe
WIP - ContextSwitching ( #1783 )
2019-06-21 16:24:50 +02:00
Christophe Maudoux
b69ffc0ff8
WIP - ContextSwitching ( #1783 )
2019-06-21 15:23:06 +02:00
Christophe Maudoux
a2ebaf31b1
WIP - AdminImpersonation skeleton ( #1783 )
2019-06-19 18:13:17 +02:00
Christophe Maudoux
c4d4b482a5
Provide to plugins message display functions ( #1796 )
2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b
Typo ( #1664 )
2019-06-18 21:57:40 +02:00
Christophe Maudoux
9fa11709e6
Append options to use Notifications plugin & set notification reference ( #1796 )
2019-06-17 22:31:44 +02:00
Xavier
8b488e4d51
Move LDAP::getUser() to Lib::LDAP ( Fixes : #1805 )
2019-06-17 21:15:38 +02:00
Xavier
aff7527580
Fix bad call in LDAP ( #1805 )
2019-06-17 19:21:48 +02:00
Christophe Maudoux
1b4d1b5bdf
Avoid notification reference to be truncated ( #1796 )
2019-06-16 20:57:53 +02:00
Christophe Maudoux
d6f3dd459a
Display message ( #1796 )
2019-06-16 16:02:48 +02:00
Christophe Maudoux
ecf84e8a4d
WIP ( #1796 )
2019-06-14 23:09:32 +02:00
Christophe Maudoux
fde6ff2cc8
WIP ( #1796 )
2019-06-14 23:09:32 +02:00
Xavier Guimard
5fbff01b27
Update versions
2019-06-14 17:27:54 +02:00
Xavier Guimard
65eaefa75f
Tidy
2019-06-14 17:23:26 +02:00
Clément OUDOT
4e5c450b8b
Return error if no code provided on token endpoint ( #1802 )
2019-06-14 16:05:39 +02:00
Xavier Guimard
e7bc7b3f4e
Add restExportSecretKeys option ( #1799 )
2019-06-14 08:51:58 +02:00
Xavier
5dc5b88daa
Permit to show $_password in REST session server ( #1799 )
2019-06-14 07:09:55 +02:00
Xavier
4ad0da0315
Fix syntax error ( #1794 )
2019-06-14 06:33:27 +02:00
Christophe Maudoux
73f689eca4
Fix 2F types ( #1782 )
2019-06-13 23:28:57 +02:00
Christophe Maudoux
c8295b60b5
Fix 2F types ( #1782 )
2019-06-13 23:27:30 +02:00
Xavier
c7ef665bf9
Fix #1782
2019-06-13 22:23:20 +02:00
Xavier
8d642da8cb
Improve #1782
2019-06-13 22:10:30 +02:00
Xavier Guimard
2a021e37ea
Don't require getDisplayType in Choice ( #1800 )
2019-06-13 17:51:36 +02:00
Maxime Besson
1a66da30f9
Store portal language in _language user session key ( #1764 )
2019-06-13 09:26:19 +02:00
Xavier
a6aaf8a507
Add XSS test ( #1795 )
2019-06-11 21:30:15 +02:00
Xavier
1a8948894d
Check CAS "service" parameter ( Fixes : #1795 )
2019-06-11 21:02:43 +02:00
Maxime Besson
97d0bbf0aa
Fix CASv2 logout ( #1753 )
2019-06-11 16:18:15 +02:00
Xavier Guimard
9e932b525c
Merge branch 'issue1794-accentregister' into 'v2.0'
...
Register: better handling of special chars (#1794 )
See merge request lemonldap-ng/lemonldap-ng!78
2019-06-10 22:57:34 +02:00
Maxime Besson
f195db2a5a
Register: better handling of special chars ( #1794 )
2019-06-10 22:45:15 +02:00
Christophe Maudoux
7a3ded7efb
Improve code ( #1782 )
2019-06-10 20:56:38 +02:00
Christophe Maudoux
441519a542
Typo ( #1791 )
2019-06-10 10:37:43 +02:00
Christophe Maudoux
8a35584e26
Fix empty hGroups ( #1791 )
2019-06-09 19:54:00 +02:00
Christophe Maudoux
63798f71f9
Change message condition ( #1791 )
2019-06-08 22:10:13 +02:00
Christophe Maudoux
b71f678f80
Filter SSO groups to merge ( #1791 )
2019-06-08 22:08:58 +02:00
Christophe Maudoux
e3c2766809
Test 2F TTL ( #1782 )
2019-06-07 19:51:51 +02:00
Xavier
94c2a0bc3b
Add addAuthRouteWithRedirect() doc ( #1787 )
2019-06-06 23:02:46 +02:00
Xavier
f4bca7430a
Add addAuthRouteWithRedirect() method to Try ( #1787 )
2019-06-06 22:59:02 +02:00
Xavier Guimard
946384272e
Partial revert "Typo"
...
This reverts commit f63a63eedb
.
2019-06-06 16:00:49 +02:00
Christophe Maudoux
801e2a17d6
Better fix ( #1769 )
2019-06-05 15:27:58 +02:00
Christophe Maudoux
30c4a9c787
setSecurity if failed login ( #1769 )
2019-06-05 11:29:04 +02:00
Christophe Maudoux
f63a63eedb
Typo
2019-06-05 11:25:50 +02:00
Christophe Maudoux
c044ebc473
Fix functions parameter ( #1774 )
2019-06-04 23:18:06 +02:00
Christophe Maudoux
eab00052f3
Fix debug msg ( #1774 )
2019-06-04 20:42:54 +02:00
Christophe Maudoux
95b188ccfe
Fix grant parameter, append warning msg & debug logs ( #1774 )
2019-06-04 18:19:33 +02:00
Christophe Maudoux
18dd7c2c41
Append debug msg ( #1765 )
2019-06-04 16:19:01 +02:00
Christophe Maudoux
f69b829f6c
Restore loginHistory ( #1780 ) & Improve code
2019-06-02 22:40:00 +02:00
Christophe Maudoux
054fda9cfd
Fix warnings ( #1781 )
2019-06-01 23:22:20 +02:00
Christophe Maudoux
491c54a3ee
Fix Impersonation with 2FA ( #1781 )
2019-06-01 19:13:45 +02:00
Christophe Maudoux
e36ce98dda
SetSecurity with AuthChoice ( #1769 )
2019-06-01 11:47:49 +02:00
Christophe Maudoux
35f1677747
Append unit test and fix CORS headers ( #1765 )
2019-05-31 17:50:44 +02:00
Christophe Maudoux
132e57b4b3
Manage CORS headers ( #1765 )
2019-05-31 17:00:39 +02:00
Christophe Maudoux
432f2655bb
Fix if no userDB ( #1774 )
2019-05-30 12:26:50 +02:00
Christophe Maudoux
04603c0169
Fix warning ( #1774 )
2019-05-30 12:26:50 +02:00
Xavier Guimard
6b5677b4ce
Tidy ( #1774 )
2019-05-29 14:20:46 +02:00
Christophe Maudoux
224137462a
Tidy ( #1774 )
2019-05-29 00:08:48 +02:00
Christophe Maudoux
a89f83294b
Retrieve session from DB if exists & Improve unit test ( #1774 )
2019-05-28 23:55:54 +02:00
Xavier Guimard
8fd3f6be90
Merge branch 'issue1521-appmenu' into 'v2.0'
...
Preserve applicationList key names (#1521 )
See merge request lemonldap-ng/lemonldap-ng!76
2019-05-28 22:10:53 +02:00
Xavier
db2ee96bc8
Update versions ( #1777 )
2019-05-28 22:04:45 +02:00
Xavier
f0842569c2
Don't erase pdata on 404 errors ( #1778 )
2019-05-28 21:58:22 +02:00
Xavier
82171e9a90
Fix missing $req in SLO responses ( #1777 )
2019-05-28 21:45:54 +02:00
Xavier
acd6ba50e8
Fix some missing $req ( #1777 )
2019-05-28 19:52:08 +02:00
Christophe Maudoux
5126e9003b
Allow double sessions for double cookies with singleSession ( #1775 )
2019-05-28 17:32:06 +02:00
Maxime Besson
b12992755f
Preserve applicationList key names ( #1521 )
...
Previously, every configuration save from the manager would overwrite
applicationList key names to preserve their ordering.
This commit introduces a new "order" key in the JSON config instead.
2019-05-28 15:38:26 +02:00
Christophe Maudoux
dece7d8aa0
Allow double sessions for double cookies ( #1775 )
2019-05-27 22:42:02 +02:00
Christophe Maudoux
26233106a5
Set _updateTime session value ( #1771 )
2019-05-26 11:56:58 +02:00
Christophe Maudoux
3dd4c52c65
Update version ( #1766 )
2019-05-26 10:33:39 +02:00
Christophe Maudoux
0e47cb4f5b
Fix warning message
2019-05-23 15:52:11 +02:00
Maxime Besson
0babf4c6c3
Fix non-sso session removal in SoapServer
...
closes #1762
2019-05-21 17:30:37 +02:00
Christophe Maudoux
59f07b7b8f
Avoid to renew double cookie sessions for refresh request ( #1747 )
2019-05-20 23:03:10 +02:00
Christophe Maudoux
29b7341345
Change code order ( #1749 )
2019-05-19 13:40:46 +02:00
Christophe Maudoux
006f862a69
Cleaning code ( #1755 )
2019-05-17 22:18:09 +02:00
Clément OUDOT
c024952b8f
Do not fail if no RP or no OP configured ( #1759 )
2019-05-17 16:00:33 +02:00
Xavier
b91d1d4b87
Tidy
2019-05-16 20:45:14 +02:00
Xavier
a2e78c88c3
Set versions
2019-05-16 20:42:31 +02:00
Xavier
1186aba52b
lmError(): return JSON if wanted ( #1745 )
2019-05-16 06:50:13 +02:00
Christophe Maudoux
e46fac82b2
CheckUser with tokenGlobalStorage & Warn if SSO groups are merged
2019-05-15 23:45:06 +02:00
Maxime Besson
1f1eeab9c8
Do not log a warning when displaying form with Combination
...
When form-based authentication methods return PE_FIRSTLOGIN, do not log
a warning because it's normal behavior to show the form.
2019-05-14 19:47:28 +02:00
Christophe Maudoux
fc034ad4bf
Impersonation with doubleCookie ( #1746 )
2019-05-12 22:59:21 +02:00
Clément OUDOT
05cd4d4a58
Fix update token with global storage ( #1742 )
2019-05-12 20:39:25 +02:00
Clément OUDOT
682b193477
Use TOKEN kind for mail password reset sessions ( #1743 )
2019-05-12 20:04:38 +02:00
Clément OUDOT
07de622e83
Fix getRegisterSession and getMailSession ( #1743 )
2019-05-12 17:36:14 +02:00
Xavier
9a71709f44
Tidy
2019-05-11 23:03:48 +02:00
Christophe Maudoux
8737fc0808
Impersonation with doubleCookie & Append unit test ( #1746 )
2019-05-11 22:57:52 +02:00
Xavier
f3c4ea0afb
Tydy
2019-05-11 20:18:43 +02:00
Christophe Maudoux
aeead582d8
Restore _httpSession ( #1746 )
2019-05-11 19:07:07 +02:00
Xavier
2ce7396bf2
Don't filter on session_kind with SOAP ( #1742 )
2019-05-11 15:41:14 +02:00
Xavier
6235b303b3
#1742 in progress...
2019-05-11 09:31:17 +02:00
Xavier Guimard
1cd50bb353
Fix Auth::Remote session kind ( #1742 )
2019-05-10 18:02:56 +02:00
Xavier Guimard
638a0de81a
Don't use SSO session type for tokens (Fixes security part of #1742 )
2019-05-10 17:35:10 +02:00
Clément OUDOT
fce270408e
Improve log in plugin GrantSession ( #1739 )
2019-05-06 19:10:26 +02:00
Clément OUDOT
755b1ace78
Add some debug in Ext2F ( #1738 )
2019-05-06 14:28:28 +02:00
Clément OUDOT
a7c8b9d466
Fix error handling in Ext2F ( #1738 )
2019-05-06 14:07:42 +02:00
Christophe Maudoux
c8dd4554aa
Test if required secret elements are set to sign JWT
2019-05-02 14:33:56 +02:00
Christophe Maudoux
f4938f3489
Grant access only if required Impersonation succeeds ( #1664 )
2019-04-30 14:57:45 +02:00
Christophe Maudoux
321fe29c35
Update version
2019-04-29 22:33:11 +02:00
Christophe Maudoux
2e9092d2bd
Clean code
2019-04-29 22:33:11 +02:00
Christophe Maudoux
a89b92f265
Improve code ( #1386 )
2019-04-29 22:33:11 +02:00
Christophe Maudoux
2e3c2e1a16
Sort by spoofed and real attributes ( #1658 )
2019-04-29 22:33:11 +02:00
Clément OUDOT
926262170b
Implement PKCE in OIDC provider ( #1722 )
2019-04-29 17:18:16 +02:00
Clément OUDOT
8e6f678be7
Create a configuration option to allow a Relying Party to be a public client
...
Allow unauthenticated requests on OAuth2 token endoint
#1725
2019-04-29 10:02:16 +02:00
Maxime Besson
2f9e6aa623
Allow override of username attribute for CAS apps
...
Global CAS options allows the admistrator to set the session attribute
that gets exported to all CAS application as the main identifier
(cas:user)
This commit adds the ability to override this configuration for a
particular CAS application.
OIDC already allows this
Fixes #1713
2019-04-28 21:06:34 +02:00
Maxime Besson
62f16721ff
Send username when calling CAS1.0 validation
...
Fixes #1724
2019-04-28 19:29:54 +02:00
Maxime Besson
64cc4ea0e6
Do not sent Kerberos js twice when using Combination
...
Fixes #1720
2019-04-25 17:17:03 +02:00
Christophe Maudoux
c86b76cb9c
Init. rules by using accessors ( #1658 )
2019-04-21 11:56:29 +02:00
maudoux
9b711e6c81
Update version
2019-04-13 22:57:30 +02:00
maudoux
cfa98b2723
Fix logo display
2019-04-13 21:02:47 +02:00
Clément OUDOT
259f9d8d94
Use same JSON fields for failure and success ( #1711 )
2019-04-13 15:23:40 +02:00
Clément OUDOT
9256571f25
Return session id with successful REST authentication ( #1711 )
2019-04-12 16:57:22 +02:00
maudoux
026fcd9f76
Fix warnings ( #1704 )
2019-04-10 22:14:46 +02:00
maudoux
1d08372a8c
Sort CAS servers & update langs ( #1704 )
2019-04-10 21:58:37 +02:00
Xavier
4a21e96426
Fix warning
2019-04-10 21:54:03 +02:00
Xavier
1bcf828a89
Merge remote-tracking branch 'arosier/idpsort' into v2.0
2019-04-10 19:48:26 +02:00
Antoine ROSIER
8875a4e985
perltidy
2019-04-10 17:21:33 +02:00
Antoine ROSIER
f7b296b032
Sorting OIDc ( #1704 )
2019-04-10 17:06:41 +02:00
Antoine ROSIER
8636da45be
Sorting SAML idp ( #1704 )
2019-04-10 17:06:41 +02:00
Clément OUDOT
ae3a728378
Manage template inclusion when file is not in configured portal theme ( #1653 )
2019-04-10 15:42:58 +02:00
Christophe Maudoux
413cc98fba
perltidy
2019-04-10 09:21:55 +02:00
Antoine ROSIER
6352dc6ac8
Sort idp and op ( #1704 )
2019-04-10 09:01:55 +02:00
Xavier
af707c5b1f
Clear pdata on lmerror access
2019-04-10 07:14:36 +02:00
maudoux
4ff20f2d76
Fix Yubikey userLogger ( #1702 )
2019-04-09 23:40:16 +02:00
Xavier
a187e5c59b
Fix some userLogger message ( #1702 )
2019-04-09 21:48:59 +02:00
Christophe Maudoux
f1cb8d236e
Checkuser case unsensitive for URL only & Improve unit test (1667)
2019-04-09 16:56:00 +02:00
maudoux
1bc519d11d
Fix warning ( #1694 )
2019-04-06 14:09:58 +02:00
Maxime Besson
666e59ad6e
Fix #1698 by clearing saml request token on unauth issuer flow
...
Add some unit tests to make sure relevant pdata is cleared after authentication
2019-04-05 23:27:21 +02:00
maudoux
c573ec9625
Typo & upadte version
2019-04-05 22:58:48 +02:00
maudoux
956d934a93
Append GPG authentication level ( #1699 )
2019-04-05 22:38:20 +02:00
maudoux
85551ba5e1
Append REST authentication level ( #1699 )
2019-04-05 22:38:01 +02:00
Christophe Maudoux
cf36b44162
Cleaning code ( #1664 )
2019-04-05 20:04:17 +02:00
Christophe Maudoux
dc1f36daf0
Use OTT rule ( #1664 )
2019-04-05 20:03:42 +02:00
Christophe Maudoux
f4801f3587
Use OTT rule ( #1664 )
2019-04-05 20:03:37 +02:00
Christophe Maudoux
01006fc984
Use OTT rule ( #1664 )
2019-04-05 20:03:25 +02:00
Christophe Maudoux
cb53973881
Use OTT rule ( #1694 )
2019-04-05 17:24:16 +02:00
Christophe Maudoux
5a8a7d483f
Use OTT rule ( #1694 )
2019-04-05 17:24:07 +02:00
Christophe Maudoux
2b818a9c02
Append specific ottRule dependency ( #1694 )
2019-04-05 17:23:09 +02:00
Xavier Guimard
10e8d51449
Fix Perl::Critic changes
2019-04-05 10:46:43 +02:00
Xavier Guimard
2159957c34
Update versions
2019-04-05 09:54:43 +02:00
maudoux
5b67f1f743
Use rule to enable OTT ( #1694 )
2019-04-03 23:28:45 +02:00
Clément OUDOT
8859fe342b
Fix setHiddenFormValue ( #1692 )
2019-04-03 17:54:58 +02:00
Clément OUDOT
8be0817363
Send optional SAML attributes if they have a value ( #1681 )
2019-04-03 16:40:41 +02:00
Xavier Guimard
ece9b21219
Remove trailing whitespaces
2019-04-03 14:15:16 +02:00
Clément OUDOT
9a454fbb7a
Manage SLO termination if there is no RelayState ( #1671 )
2019-04-03 12:26:01 +02:00
Maxime Besson
d44a042fd5
Revert 8f5fbb077e
and change the way logout errors are handled
...
Relating to issue #1668 , the proposed fix works when there is only one
service provider to logout of.
Now that multiple service provider logout is starting to work again on
2.0, we cannot read the remote_ProviderID from the logout object because
it is only filled by lasso when actually building the response.
Instead, we ignore any error that could occur when building the
response, log a warning and show the portal instead. Still better than
an internal server error.
2019-04-03 11:20:24 +02:00
maudoux
ae28ea3169
Append Conf domain to url if missing - Fix port ( #1664 )
2019-04-02 22:08:15 +02:00
maudoux
ec214c75c2
Append Conf domain to url if missing ( #1664 )
2019-04-02 22:08:15 +02:00
Clément OUDOT
a805a5a00b
Manage SLO responses ( #1671 )
2019-04-02 17:27:47 +02:00
Clément OUDOT
4e76ee9582
Avoid warning during SAML SLO ( #1671 )
2019-04-02 16:13:45 +02:00
Clément OUDOT
bac2eb564c
Remove antiframe protection in portal javascript ( #1696 )
2019-04-02 15:05:41 +02:00
Clément OUDOT
c4b4e95e9d
Display password or login template after password modification ( #1654 )
2019-04-02 11:12:33 +02:00
Clément OUDOT
4af47ad6a4
Allow iframe from portal to be able to load saml SLO return page ( #1671 )
2019-04-01 18:09:31 +02:00
Clément OUDOT
5a30a82fa6
Add SLO Termination endpoint ( #1671 )
2019-04-01 18:02:38 +02:00
Clément OUDOT
59bc0642fc
Always display info ( #1693 )
2019-04-01 17:18:28 +02:00
Clément OUDOT
502a32e257
Add unit test and fix code for ppolicy grace ( #1691 )
2019-04-01 09:58:56 +02:00
Xavier
01ab88ba57
Fix for #1691
2019-04-01 06:52:21 +02:00
Clément OUDOT
a1f5fb5170
Test return of getUser ( #1654 )
2019-03-29 11:53:52 +01:00
Xavier
906db8daa6
Merge branch 'antoinerosier/lemonldap-ng-logs' into v2.0
2019-03-27 21:44:25 +01:00
Antoine ROSIER
b79c9659cb
Add user logs informations ( #1687 )
2019-03-27 16:00:39 +01:00
Clément OUDOT
4bab684e2d
Refresh entry after password modification ( #1654 )
2019-03-27 09:59:22 +01:00
Xavier
5a5572ec1f
Fix WSDL generation ( Closes : #1686 )
2019-03-26 21:47:14 +01:00
Clément OUDOT
39020e003e
Fix server error on SAML SLO ( #1671 )
2019-03-26 17:15:01 +01:00
Clément OUDOT
aa139df89d
Change criticity of password must be reset message ( #1654 )
2019-03-26 16:45:19 +01:00
Xavier Guimard
af4f123916
Fix cspScrip ( Closes : #1683 )
2019-03-26 09:56:46 +01:00
Xavier Guimard
99afd7243a
Fix #1675
2019-03-26 08:06:55 +01:00
Xavier
f226bded41
Partial fix for /logout ( #1675 )
2019-03-26 07:30:36 +01:00
Xavier
774707ad65
Add cache to avoid parsing and compiling JSON files at each request ( #1595 )
2019-03-26 06:49:39 +01:00
Xavier Guimard
3c0a9d7ecc
Second fix for #1673
2019-03-25 19:34:29 +01:00
Xavier Guimard
4138b7edae
Fix menu app cache ( #1673 )
2019-03-25 16:48:57 +01:00
Maxime Besson
3575e0ef23
Clear url pdata on CDA redirection
...
Fixes #1650
2019-03-19 19:15:47 +01:00
Clément OUDOT
8a9a5b0b3a
New method to override messages with JSON files ( #1595 )
2019-03-19 17:39:13 +01:00
Clément OUDOT
447c09c0a2
Remove old translation file ( #1595 )
2019-03-19 15:38:36 +01:00
Clément OUDOT
438d5bcbaf
Revert patch on GrantSession plugin ( #1666 )
2019-03-18 21:35:02 +01:00
Clément OUDOT
4166ae6d90
Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0
2019-03-18 21:29:31 +01:00
Clément OUDOT
9798c78068
Remove userData if authentication fails ( #1666 )
2019-03-18 21:29:15 +01:00
Christophe Maudoux
d412f3d807
Update version ( #1666 )
2019-03-18 17:14:22 +01:00
Clément OUDOT
4366488fb6
Adapt GrantSession plugin to display authentication error on login form ( #1666 )
2019-03-18 11:53:30 +01:00
Clément OUDOT
627548e95d
Display authentication error on login form ( #1666 )
2019-03-18 11:41:41 +01:00
Clément OUDOT
d620ae2e8b
Merge branch 'maxbes/lemonldap-ng-saml-issuer-entityid-override' into v2.0
2019-03-13 10:30:16 +01:00
Clément OUDOT
dee4818f0c
Merge branch 'issue1543' into 'v2.0'
...
Save Urldc when using SAML Discovery
See merge request lemonldap-ng/lemonldap-ng!62
2019-03-13 10:19:14 +01:00
Maxime Besson
8f5fbb077e
When logout-initiating SP has no known SLO endpoint, fallback to portal
...
In some federations, SLO endpoints are not published, yet SP are still
able to initiate logouts.
This used to cause an error on the portal, this commit changes the error
into a warning in logs. The user remains on the portal and sees a normal
logout message.
2019-03-12 17:58:41 +01:00
Clément OUDOT
f6a3b527c8
Process SAML request to get current SP in env ( #1672 )
2019-03-12 16:52:01 +01:00
Christophe Maudoux
e1aa654bbb
Display session at first access ( #1658 )
2019-03-12 10:00:23 +01:00
Christophe Maudoux
d39078f29b
Fix specific use cases with rules ( #1664 )
2019-03-11 22:07:38 +01:00
Maxime Besson
257d329151
Fix display of ok/nok image during multi-sp saml logout
2019-03-11 18:13:06 +01:00
Clément OUDOT
8cd579f19f
Add a waiting message for Kerberos/SSL workflow ( #1670 )
2019-03-11 16:36:32 +01:00
Clément OUDOT
145db1cf60
Fix regexp for portal default condition ( #1669 )
2019-03-11 12:01:16 +01:00
Christophe Maudoux
30c0f2edf0
Improve code ( #1658 )
2019-03-10 22:01:55 +01:00
Christophe Maudoux
be28b60e66
Append identities rule ( #1658 )
2019-03-09 23:29:10 +01:00
Christophe Maudoux
7e1119a88d
Fix mistake & typo ( #1664 )
2019-03-09 23:27:54 +01:00